Bug ID 1173427
Summary zypper generates 401 responses when using password protected rpm repository
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.2
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component libzypp
Assignee zypp-maintainers@suse.de
Reporter stuart.mclaren@hpe.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

When using a password protected rpm repository zypper seems to first do a 
GET without credentials, before retrying the GET with credentials:

Here is the first attempt which generates a 401:

 35.237.234.112 - user1 [08/Jun/2020:09:18:28 +0000] "GET /sles/sles-
packages/Module-Public-Cloud/media.1/media HTTP/1.1" 401 204 "-" "ZYpp 17.15.0
(curl 7.60.0) sle-15-x86_64"

Here is the second attempt which succeeds (200).

 35.237.234.112 - user1 [08/Jun/2020:09:18:29 +0000] "GET
/sles/sles-packages/Module-Public-Cloud/media.1/media HTTP/1.1" 200 54 "-"
"ZYpp 17.15.0 (curl 7.60.0) sle-15-x86_64"

This causes failures when using an Artifactory yum repository -- because
Artifactory counts the number of failed logins (401) and will return 403 if
that count gets too high. This leads to package installs failing.

You are receiving this mail because: